Hello everyone,
I’m new here and I’m currently dealing with the GrayLog server.
I would like to create an alarm for the inputs so that if no logs come in for a long time, an alarm is triggered or do you have any other ideas on how to check/control this?
I hope you can help me here.
Thanks very much
You can do something similar to this post: Alert when no logs is sent from a host | ChatGPT solution - #7 by drewmiranda-gl
Be sure to change the search criteria to suite your needs. For example you can have a query that searches for messages from a specific graylog input:
You can find the correct input by adding that field to the message table.
Thanks, this has helped me before.
That’s how it works.
But if there is no message for 5 minutes because it is a switch, for example, then I get 5 messages.
Is it possible to set this up better so that I only get one message per event and if it works again and then stops, another message comes up?
THANKS!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
